This repository will create a Ubuntu 16.04 virtual machine with the Skipfish web application security scanner installed.
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
The version of Skipfish installed will be 2.10b
In order to provision a new virtual machine, run vagrant up from a terminal in this project's root directory. Once the provisioning is complete you can SSH into the new virtual machine using vagrant ssh. You will find a symlink to the skipfish installation in your home directory.
If you need to update the vagrant box to the latest version, run vagrant box update.
Once your done, you can shutdown the virtual machine using vagrant down. You can also completely delete the machine using vagrant destroy.
Code released under the MIT License.
http://code.google.com/p/skipfish/
Written and maintained by:
- Michal Zalewski lcamtuf@google.com
- Niels Heinen heinenn@google.com
- Sebastian Roschke s.roschke@googlemail.com
Copyright 2009 - 2012 Google Inc, rights reserved.
Released under terms and conditions of the Apache License, version 2.0.